subdomain problem

Michael Voight mvoight at cisco.com
Wed Sep 1 19:16:49 UTC 1999 

What we are saying it is difficult to help without information.
No one asaid you were stupid. I suggested we didn't have enough
information to see the problem. So, fine, I won't help.

Michael 

hoyoung at us.ibm.com wrote:
> 
> Please, people... if you want to help, great!  Otherwise, don't bother
> insult/abuse us who ask questions.  Remember, everyone was once "stupid".  I
> don't believe you are the exception of the rules.
> 
> Btw, I work on fireware and know and done what you suggested.  But rules are
> rules, they aren't made by me and wont' be broken by me, either.
> 
> Thanks and appreciate all your help!
> H. D
> 
> > Could anyone tell me what I'm missing here?
> 
> Incomplete zone information
> ---the crucial and necessary zone info is there

No, it isn't 

> 
> No named.boot or named.conf info
> ---very basic...not sure even need to look into this.  Possitive they are
> correct of no error.

Even postive people make mistakes.

> 
> No log messages
> No query results from nslookup or dig
> ---As i said, nslookup result is no ip(x.x.x.x) found and server failed.

OK, server failed is a valid message. But we have no clue about whether
this ip address is the ip address of the auth server.
Was the reverse zone delegated to you?

> No idea if the internic knows who you are
> ---we are absolutely known by the internic....They aren't the only servers and
> domains I manage...I think I know this much...
> 
> What actually have you told us except
> 
> It doesn't work
> I delegated the reverse domain.
> 
> Why are you talking about the reverse domain if you don't care about it?
> 
> Plus, for security reasons, you don't want to give us the real names or
> zones.  Take it from a professional.. If this is the security that you
> are relying on, DON'T. Real security is done by blocking traffic and/or
> authentication, not by hiding hostnames and addresses.
> 
> Michael
> 
> hoyoung at us.ibm.com wrote:
> >
> > Could anyone tell me what I'm missing here?
> >
> > Parent domain test.com is on server name.test.com. Server ip is 11.13.x.x
> > Sub domain  sub.test.com is on server namesub.test.com.  Server ip is
> 11.13.x.x
> >
> > test.com is authoritive for 13.11.IN-ADDR.ARPA and 12.11.IN-ADDR.ARPA   I want
> > sub.test.com to be authoritive for 5.12.11.in-addr.arpa.  This what I did:
> >
> > a. In 12.11.IN-ADDR.ARPA.zone on name.test.com, I have:
> >
> > 5 IN NS namesub.test.com.
> > 14 IN NS namesub.test.com.
> >
> > b. On namesub.test.com, I have a zone called 5.12.11.in-addr.arpa.zone which
> has
> > the following:
> >
> > $ORIGIN 5.12.11.in-addr.arpa.
> > @    IN  SOA     namesub.test.com. hoyoung.test.com. (980926 600 400 2592000
> 300
> > 200 )
> >      IN      NS    namesub.test.com.
> > 11   IN PTR    .....
> > 12   IN ....
> >
> > ON server namesub.test.com, in etc/hosts, I have 11.13.x.x. and
> > namesub.test.com.  In /etc/resolv.conf file, I have domain sub.test.com.
> >
> > I only care about reverse resolution.
> > I can't resolve anything.  What's wrong with the configuration?
> >
> > Thanks.
> > btw, the ip ranges and domain names aren't real for security purpose...
> >
> > Hannah Day

More information about the bind-users mailing list